Online transaction method, visual financial IC card, client, and server

ABSTRACT

A method of online transaction, in which a visual financial IC card receives transaction transferring data from a client, obtains transaction data, receive an online PIN from a user, obtains online PIN ciphertext by encrypting, executes behavior analyzing to obtain a card behavior analyzing result, sets a first transaction result, organizes message according to the transaction data, the online PIN ciphertext, the card behavior analyzing result and the first transaction result, and sends the message to the client; receives an online response package sent by the client, executes completing process to obtain a completing process result, sets a second transaction result, displays a corresponding information, organizes a data package according to the second transaction result and the completing process result, and sends the data package to the client. In this invention, any transaction terminal is avoided to improve security and convenience of the online financial IC card transaction.

FIELD OF THE INVENTION

The present invention relates to a method of online transaction, avisual financial IC card, a client and a server, which belongs to thefield of information security.

BACKGROUND OF THE INVENTION

The improvement of informatization of financial industry requires higherlevel of security. Many domestic or foreign banks release financial ICcards instead of traditional magnetic stripe cards. Financial IC card,which is called chip card, uses a chip as media. With mass storage, thechip card can store information such as key, digital certificate andfingerprint. Loaded with electronic paper technology, the chip card candisplay non-sensitive information such as remaining balance of e-cash,transaction details and default data of card issuer, and the like.

The financial IC card in the prior art requires a POS machine toimplement transaction, which is poor in security and convenience.

SUMMARY OF THE INVENTION

The object of the present invention is to provide a method of onlinetransaction, a visual financial IC card, a client and a server, whichcan implement online transaction without POS machine and improveconvenience and security of financial IC card transaction.

According an aspect of the present invention, the present inventionprovides an online transaction method, includes:

-   -   Step S1, receiving, by a visual financial IC card, transaction        transferring data sent from a client, obtaining transaction data        from the transaction transferring data;    -   Step S2, receiving, by the visual financial IC card, an online        PIN entered by a user, encrypting the online PIN to obtain        online PIN ciphertext;    -   Step S3, performing, by the visual financial IC card, behavior        analyzing to obtain a card behavior analyzing result, setting a        first transaction result according to the card behavior        analyzing result, organizing a message according to the first        transaction result, the card behavior analyzing result, the        transaction data and the online PIN ciphertext, sending the        message to the client;    -   Step S4, receiving, by the visual financial IC card, an online        response package sent from the client, executing completing        processing operation according to the online response package to        obtain a completing processing result, setting a second        transaction result according to the completing processing        result, displaying corresponding information according to the        second transaction result; and    -   Step S5, organizing, by the visual financial IC card, a data        package according to the second transaction result and the        completing processing result, sending the data package to the        client.

Preferably, in the above method, after Step S1, the method furtherincludes: determining, by the visual financial IC card, whether thetransaction transferring data is complete, if yes, executing Step S2,otherwise, returning error information to the client, ending process.

Specifically, the transaction transferring data includes APDUinstruction and transaction data, the APDU instruction includestransaction data length; determining whether the transactiontransferring data is complete specifically includes: determining whetherthe length of the transaction data is equal to the transaction datalength, if yes, determining that the transaction transferring data iscomplete; otherwise, the transaction transferring data is determined tobe incomplete.

Preferably, after Step S1, the method further includes: the visualfinancial IC card determines whether the format of the transactiontransferring data is correct, if yes, executing Step S2; otherwise,returning error information to the client; end process;

Specifically, the transaction data includes: transaction amount andtransaction type; determining whether the format of the transactiontransferring data is correct specifically includes: determining whetherthe transaction amount and the transaction type are matched, if yes, theformat of the transaction transferring data is correct; otherwise, theformat of the transaction transferring data is not correct;

More specifically, determining whether the transaction amount and thetransaction type are matched specifically includes: determining whetherthe transaction amount is zero in the case that the transaction type isconsumption, if yes, the transaction amount and the transaction type aredetermined not to be matched; otherwise, the transaction amount and thetransaction type are determined to be matched; determining whether thetransaction amount is zero in the case that the transaction type ischecking main account balance, if yes, the transaction amount and thetransaction type are matched; otherwise, the transaction amount and thetransaction type are not matched.

Preferably, the transaction data can include transaction amount; beforereceiving the online PIN input by the user the method further includes:determining, by the visual financial IC card, whether requires the userto confirm the transaction amount, if no, receiving the online PIN inputby the user; if yes, displaying the transaction amount, waiting forreceiving the transaction amount confirming information input by theuser; if the transaction amount confirming information is received,executing receiving the online PIN input by the user; if the transactionamount confirming information is not received, returns error informationto the client; ending process;

Specifically, the transaction data further includes transaction type;determining whether requires the user to confirm transaction amountspecifically includes: determining, by the visual financial IC card, thetransaction type, if the transaction type is consumption, it requiresthe user to confirm the transaction amount; if the transaction type ischecking main account balance, it does not require the user to confirmthe transaction amount.

Preferably, the transaction data can include transaction amount;

before receiving the online PIN entered by the user, the method furtherincludes following steps:

Step 1-1, determining, by the visual financial IC card, whether thetransaction amount is more than a preset amount, if yes, receiving theonline PIN entered by the user; otherwise, executing step 1-2; and

Step 1-2, determining, by the visual financial IC card, whether a cachedonline PIN exists, if yes, reading the cached online PIN, encrypting theonline PIN to obtain the online PIN ciphertext, executing step S3;otherwise, receiving the online PIN entered by the user;

Correspondingly, after receiving the online PIN entered by the user, themethod further includes: caching the online PIN.

Preferably, in the above mentioned method, the card behavior resultincludes application ciphertext;

setting the first transaction result according to the card behavioranalyzing result specifically comprises: checking, by the visualfinancial IC card, the application ciphertext in the card behavioranalyzing result, setting the first transaction result as an onlinerequirement in the case that the application ciphertext is authorizationrequest ciphertext; setting the first transaction result as refusingtransaction in the case that the application ciphertext is applicationauthentication ciphertext;

Specifically, when the first transaction result is refusing transaction,after Step S3, the method further includes: refusing, by the visualfinancial IC card, transaction, displaying information of refusingtransaction, ending process.

Preferably, in the method, organizing the message according to the firsttransaction result, the card behavior analyzing result, the transactiondata and the online PIN ciphertext specifically includes followingsteps:

2-1) organizing, by the visual financial IC card, transaction messageaccording to the first transaction result, the card behavior analyzingresult, the transaction data, and sending the transaction message to theclient; and

2-2) receiving, by the visual financial IC card, an instruction requestsent by the client, organizing the response message according to theonline PIN ciphertext, sending the response message to the client.

Preferably, in the method, the completing processing result comprisesapplication ciphertext; setting the second transaction result accordingto the completing processing result specifically includes: checking, bythe visual financial IC card, the application ciphertext in thecompleting processing result, setting the second transaction result astransaction approval in the case that the application ciphertext istransaction certificate, setting the second transaction result asrefusing transaction in the case that the application ciphertext isapplication authentication ciphertext;

specifically, displaying corresponding information according to thesecond transaction result specifically includes: displaying, by thevisual financial IC card, information of successful transaction in thecase that the second transaction result is transaction approval;displaying information of refusing transaction in the case that thesecond transaction result is refusing transaction.

Preferably, in the method, after receiving the online response packagesent from the client, before executing the completing result to obtainthe completing processing result, the method further includes: checking,by the visual financial IC card, whether card issuer authorization datais included in the online response package, if yes, authenticating thecard issuer authorization data and keeping on performing completingprocessing to obtain the completing processing result, otherwise,keeping on performing completing processing to obtain the completingprocessing result.

Preferably, after Step S4, the method further includes following steps:

Step 3-1, checking, by the visual financial IC card, whether card issuerscript is included in the online response package, if yes, executingstep 3-2; otherwise, execute Step S5;

Step 3-2, executing, by the visual financial IC card, the issuer script,if executing is successful, executing step 3-3; if executing is error,displaying corresponding error information and executing step 3-3; and

Step 3-3, organizing, by the visual financial IC card, the data packageaccording to the second transaction result, the issuer script executingresult and the completing processing result, sending the data packageobtained by organizing to the client, ending.

Preferably, the method further includes following steps:

Step T1, receiving, by the client, the message sent by the visualfinancial IC card, determining whether the first transaction result inthe message is online request, if yes, executing Step T2, otherwise,displaying information of failed transaction, ending;

Step T2, organizing, by the client, online message according to themessage and sending the online message to a server according to themessage, receiving a response returned by the server, if the responsereturned by the server is online response package, sending the onlineresponse package to the visual financial IC card, executing Step T3;otherwise, displaying corresponding error information, ending; and

Step T3, receiving, by the client, a data package sent by the visualfinancial IC card, determining whether transaction is approved accordingto the second transaction result in the data package, if yes, displayinginformation of successful transaction; otherwise, displaying informationof refusing transaction, ending.

Specifically, in Step T3, when the transaction is approved, the methodfurther includes: printing transaction credit.

Further, the method further includes following steps:

-   -   Step U1, the server receives online message sent from the        client, determines whether the type of online message is        correct, if yes, executes Step U2, otherwise, executes Step U4;    -   Step U2, the server analyzes the online message, if the        analyzing is successful, executes Step U3, otherwise, executes        Step U4;    -   Step U3, the server checks and verifies necessary data item in        the online message, if the online message includes the necessary        data item and the necessary data item is verified successfully,        the server organizes online response package, returns the online        response package to the client; otherwise, executes Step U4;    -   Step U4, the server organizes error response package, returns        error response package to the client.

According to another aspect of the present invention, the presentinvention provides a visual financial IC card which includes:

-   -   a receiving module configured to receive transaction        transferring data and an online response package sent from a        client;    -   an obtaining module configured to obtain transaction data from        the transaction transferring data received by the receiving        module;    -   an inputting module configured to receive an online PIN input by        a user;    -   an encrypting module configured to encrypt the received online        PIN received by the inputting module to obtain online PIN        ciphertext;    -   a first performing module configured to perform behavior        analyzing to obtain a card behavior analyzing result;    -   a first setting module configured to set a first transaction        result according to the card behavior analyzing result obtained        by the first performing module;    -   a first organizing module configured to organize message        according to the first transaction result set by the first        setting module, the card behavior analyzing result obtained by        the first performing module, the transaction data obtained by        the obtaining module and the online PIN obtained by the        encrypting module;    -   second performing module configured to perform completing        processing according to the online response received by the        receiving module to obtain a completing processing result;    -   a second setting module configured to set a second transaction        result according to the completing processing result obtained by        the second performing module;    -   a displaying module configured to display corresponding        information according to the second transaction result set by        the second setting module;    -   a second organizing module configured to organize data package        according to the second transaction result set by the second        setting module and the completing processing result obtained by        the second performing module;    -   a sending module configured to send the message organized by the        first organizing module and the data package organized by the        second organizing module to the client.

Preferably, the visual financial IC card further includes: a firstdetermining module configured to determine whether the transactiontransferring data received by the receiving module is complete;correspondingly, the inputting module specifically is configured toreceive an online PIN input by the user in the case that the determiningresult of the first determining module is complete; the sending moduleis further configured to return error information to the client in thecase that the determining result of the first determining module is notcomplete;

specifically, the first determining module is configured to determinewhether the length of the transaction data in the transactiontransferring data received by the receiving module is equal totransaction data length in the transaction transferring data, if yes,the transaction transferring data received by the receiving module iscomplete; otherwise, the transaction transferring data received by thereceiving module is not complete.

Preferably, the visual financial IC card further can include a seconddetermining module configured to determine whether format of thetransaction transferring data received by the receiving module iscorrect; correspondingly,

specifically, the inputting module is configured to receive an onlinePIN input by the user in the case that a determining result of thesecond determining module is correct;

further, the sending module is configured to return error information tothe client in the case that the determining result of the seconddetermining module is not correct.

Further, the second determining module specifically includes:

a determining unit configured to determine whether the transactionamount in the transaction data obtained by the obtaining module matchesthe transaction type in the transaction data;

a confirming unit configured to confirm the format of the transactiontransferring data received by the receiving module is correct in thecase that the determining result of the determining unit is matched;confirm the format of the transaction transferring data received by thereceiving module is not correct in the case that the determining resultof the determining unit is not matched;

Further, the determining unit specifically is configured to determinewhether the transaction amount in the transaction data is zero in thecase that the transaction type in the transaction data obtained by theobtaining module is consumption, if yes, the transaction amount in thetransaction data obtained by the obtaining module does not match thetransaction type in the transaction data; otherwise, the transactionamount in the transaction data obtained by the obtaining module matchesthe transaction type in the transaction data; determine whether thetransaction amount in the transaction transferring data is zero in thecase that the transaction type in the transaction data obtained by theobtaining module is checking main account balance, if yes, thetransaction amount in the transaction data obtained by the obtainingmodule matches the transaction type in the transaction data; otherwise,the transaction amount in the transaction data obtained by the obtainingmodule does not match the transaction type in the transaction data.

Preferably, the visual financial IC card further includes a thirddetermining module configured to determine whether a transaction amountis required to be confirmed by the user; correspondingly, further, thedisplaying module is configured to display the transaction amount in thetransaction data obtained by the obtaining module in the case thatdetermining result of the third determining module is that thetransaction amount is required to be confirmed by the user; and theinputting module is further configured to receive a transaction amountconfirming information input by the user in the case that thedetermining result of the third determining module is that thetransaction amount is required to be confirmed by the user.

Further, the third determining module specifically is configured todetermine the transaction type in the transaction data obtained by theobtaining module, if the transaction type is consumption, the user isrequired to confirm transaction amount; if the transaction type ischecking main account balance, the user is not required to confirm thetransaction amount.

Preferably, the visual financial IC card further includes: a fourthdetermining module and a caching module; the caching module isconfigured to cache the online PIN received by the inputting module; thefourth determining module further comprises:

a first determining unit configured to determine whether the transactionamount in the transaction data obtained by the obtaining module is morethat a preset amount;

a second determining module configured to determine whether a cachedonline PIN exists in the case that the determining result of the firstdetermining unit is no;

a reading unit configured to read the cached online PIN in the case thatthe determining result of the second determining unit is no;

an encrypting unit configured to encrypt the online PIN read by thereading unit to obtain online PIN ciphertext;

correspondingly, the inputting module specifically is configured toreceive the online PIN input by the user in the case that thedetermining result of the first determining result is yes or thedetermining result of the second determining unit is no.

Preferably, the first setting module in the visual financial IC cardspecifically is configured to check application ciphertext in the cardbehavior analyzing result obtained by the first performing module, setthe first transaction result as an online request if the applicationciphertext is authorization request ciphertext; set the firsttransaction result as refusing transaction if the application ciphertextis application authentication ciphertext.

Further, the visual financial IC card can further include: a refusingmodule configured to refuse transaction in the case that the firsttransaction result set by the first setting module is refusingtransaction; correspondingly, the displaying module further configuredto display information of refusing transaction in the case that thefirst transaction result set by the first setting module is refusingtransaction.

Preferably, the receiving module further is configured to receive aninstruction request sent by the client.

Correspondingly, the first organizing module can specifically include:

a first organizing unit configured to organize transaction messageaccording to the first transaction result set by the first settingmodule, the behavior analyzing result obtained by the first performingmodule and the transaction data obtained by the obtaining module;

a second organizing unit configured to organize response messageaccording to the online PIN obtained by the encrypting module in thecase that the receiving module receives an instruction request;

correspondingly, the sending module specifically is configured to sendthe transaction message organized by the first organizing unit and theresponse message organized by the second organizing unit to the client.

Preferably, the second setting module in the visual financial IC cardcan specifically be configured to check the application ciphertext inthe completing processing result obtained by the second performingmodule; if the application ciphertext is transaction certificate, thesecond transaction result is set to be approving transaction; if theapplication ciphertext is application authentication ciphertext, thesecond transaction result is set to be refusing transaction;

Further, the displaying module can specifically be configured to displayinformation of successful transaction in the case that the secondtransaction result set by the second setting module is approvingtransaction; display information of refusing transaction in the casethat the second transaction result set by the second setting module isrefusing transaction.

Preferably, the visual financial IC card further comprises: a firstchecking module and an the authenticating module, wherein

the first checking module is configured to check whether card issuerauthorization data is included in the online response package receivedby the receiving module; and the authenticating module is configured toauthenticate the card issuer authorization data included in the onlineresponse package received by the receiving module in the case that thechecking result of the first checking module is that the card issuerauthorization data is included in the online response package receivedby the receiving module.

Preferably, the visual financial IC card further includes: the secondchecking module and the third performing module, wherein the secondchecking module is configured to check whether card issuer script isincluded in the online response package received by the receivingmodule; and the third performing module is configured to perform theissuer script in the online response package received by the receivingmodule in the case that the second checking module determines that theissuer script is included in the online response package received by thereceiving module;

correspondingly, the second organizing module specifically is configuredto organize data package according to the second transaction result setby the second setting module, the performing result of the thirdperforming module and the completing processing result obtained by thesecond performing module; and the displaying module is furtherconfigured to display corresponding error information in the case thatthe performing result of the third performing result is error.

According to another aspect of the present invention, the presentinvention provides a client which includes:

a first receiving module configured to receive message and data packagewhich are sent by the visual financial IC card;

a first determining module configured to determine whether a firsttransaction result in the message received by the first receiving moduleis an online request;

an organizing module configured to organize online message according tothe message received by the first receiving module in the case that thedetermining result of the first determining module is yes;

a first sending module configured to send the online message organizedby the organizing module to a server;

a second receiving module configured to receive a response returned bythe server;

a second sending module configured to send the online response packageto the visual financial IC card in the case that the response receivedby the second receiving module is online response package;

a second determining module configured to determine whether transactionis approved according to the second transaction result in the datapackage received by the first receiving module;

a displaying module configured to display information of failedtransaction in the case that the determining result of the firstdetermining module is no; display corresponding error information in thecase that the response received by the second receiving module is notonline response package; display information of successful transactionin the case that the determining result of the second determining moduleis yes; display information of refusing transaction in the case that thedetermining result of the second determining module is “No”.

Preferably, the client further includes: a printing module configured toprint transaction credit in the case that the determining result of thesecond determining module is yes.

According to another aspect of the present invention, the presentinvention provides a server, which includes:

a receiving module configured to receive online message sent by aclient;

a determining module configured to determine whether the type of theonline message received by the receiving module is correct;

an analyzing module configured to analyze the online message received bythe receiving module in the case that the determining result of thedetermining module is yes;

a checking and authenticating module configured to check andauthenticate the online message received by the receiving module in thecase that analyzing of the analyzing module is successful, if the onlinemessage includes necessary data item and authenticating of the necessarydata item is successful, checking and authenticating is successful;otherwise, checking and authenticating is not successful;

a first organizing module configured to organize online response packagein the case that the checking and authenticating of the checking andauthenticating module is successful;

a second organizing module configured to organize error response packagein the case that determining result of the determining module is no, theanalyzing of the analyzing module is not successful or the checking andauthenticating of the checking and authenticating module is notsuccessful; and

a sending module configured to send an online response package organizedby the first organizing module and the error response package organizedby the second organizing module to the client.

The advantage of the present invention is: without help of a transactionterminal such as POS machine, the present invention implements onlinetransaction of financial IC card, which improves security and easinessof the transaction of financial IC card.

BRIEF DESCRIPTION OF ACCOMPANYING DRAWINGS

FIG. 1 is a flow chart of online transaction of Embodiment 1 of thepresent invention;

FIG. 2 and FIG. 3 show a flow chart of a working method of a visualfinancial IC card of Embodiment 2 of the present invention;

FIG. 4 , FIG. 5 and FIG. 6 show a flow chart of online transaction ofEmbodiment 2 of the present invention.

FIG. 7 is a frame chart of a visual financial IC card of Embodiment 3 ofthe present invention;

FIG. 8 is a frame chart of a client of Embodiment 3 of the presentinvention;

FIG. 9 is a frame chart of a server of Embodiment 3 of the presentinvention.

DETAILED DESCRIPTION OF THE INVENTION

The technical solutions of the embodiments of the disclosure aredescribed clearly and completely in conjunction with the accompanyingdrawings as follows.

Embodiment 1

FIG. 1 shows a flow chart of an online transaction method in the presentembodiment. The online transaction method includes following steps:

Step S1, a visual financial IC card receives transaction transferringdata sent from a client, obtains transaction data from the transactiontransferring data;

Step S2, the visual financial IC card receives an online PIN input by auser, encrypts the online PIN to obtain online PIN ciphertext;

Step S3, the visual financial IC card performs behavior analyzing toobtain a card behavior analyzing result, sets a first transaction resultaccording to the card behavior analyzing result, organizes messageaccording to the first transaction result, the card behavior analyzingresult, transaction data and online PIN ciphertext, sends the message tothe client;

Step S4, the visual IC card receives an online response package sentfrom the client, performs completing processing according to the onlineresponse package to obtain a completing processing result, sets a secondtransaction result according to the completing processing result,displays corresponding information according to the second transactionresult;

Step S5, the visual financial IC card organizes a data package accordingto the second transaction result and the completing processing resultand sends the data package to the client.

In Embodiment 1, the visual financial IC card can send the message at atime or send the message in parts for several times to the client;preferably, in Step 3, sets a first transaction result according to thecard behavior analyzing result, organizes message according to a firsttransaction result, the card behavior analyzing result, transaction dataand online PIN ciphertext, sends the message to the client, whichspecifically includes:

Step 2-1, the visual financial IC card organizes transaction messageaccording to the first transaction result, the card behavior analyzingresult and the transaction data, sends the transaction message to theclient;

Step 2-2, the visual financial IC card receives an instructionrequirement sent from the client, organizes response message accordingto the PIN ciphertext, sends the response message to the client.

Further, the online transaction method further includes following steps:

Step T1, the client receives message sent by the visual financial ICcard, determines whether the first transaction result in the message isan online request, if yes, executes StepT2, otherwise, displaysinformation of failed transaction, ends process;

Step T2, the client organizes online message according to the message,sends the online message to the server, receives a response returned bythe server, if the response returned by the server is the onlineresponse package, sends the online response package to the visualfinancial IC card, executes Step T3; otherwise, display correspondingerror information; ends process;

Step T3, the client receives data package sent from the visual financialIC card, determines whether the transaction is approved according to thesecond transaction result in the data package, if yes, displaysinformation of successful transaction, ending; otherwise, displaysinformation of refusing transaction, ends process.

In this case, in Step T3, when the transaction is approved, the methodfurther includes printing transaction credit.

Further, the online transaction method further includes following steps:

Step U1, the server receives online message sent from the client,determines whether type of online message is correct, if yes, executesStep U2, otherwise, executes Step U4;

Step U2, the server analyzes the online message, if the analyzing issuccessful, executes Step U3, otherwise, executes Step U4;

Step U3, the server checks and verifies necessary data item in theonline message, if the online message includes necessary data item andthe necessary data item is verified successfully, the server organizesonline response package and returns the online response package to theclient, otherwise, executes step U4;

Step U4, the server organizes error response package, returns errorresponse package to the client.

Embodiment 2

As shown in FIG. 2 and FIG. 3 , a working flow of a working method forvisual financial IC card is provided in Embodiment 2. The method isapplied in a system of visual financial IC card, a client and a serverand the client is an application installed in a terminal device. Themethod further includes following steps:

Step 101, the visual financial IC card receives transaction transferringdata sent from the client;

Specifically, the visual financial IC card receives the transactiontransferring data sent from the client, obtains transaction amount,transaction date, transaction time and transaction type from thetransaction transferring data, and stores the transaction amount,transaction date, transaction time and transaction type.

In Embodiment 2, the transaction transferring data includes APDUinstruction and transaction data; in this case, the APDU instructionincludes transaction type and transaction data length; the transactiondata includes transaction amount, transaction date and transaction time.For example, the visual financial IC card receives the transactiontransferring data sent from the client, i.e.“0x7e0x410x000x000x0c0x000x000x000x010x230x000x160x030x220x170x100x22”,obtains the first five bytes of the transaction transferring data, i.e.“0x7e0x410x000x000x0c”, as the APDU instruction, obtains the secondbytes, i.e. “0x41”, of the APDU instruction as the transaction type,which represents the transaction type is consuming; obtains the sixth toeleventh bytes of the transaction transferring data, i.e.“0x000x000x000x010x230x00”, as the transaction amount, which representsthat the transaction amount is RMB123.00, obtains the twelfth toseventeenth byte of the transaction transferring data, i.e.“0x160x030x220x170x100x22”, as transaction date and transaction time,which represents 10 minutes and 22 second past 17 on Mar. 22, 2016.

Step 102, the visual financial IC card determines whether thetransaction transferring data is completed, if yes, executes Step 104,otherwise, executes Step 103.

Specifically, the visual financial IC card can determine whether thelength of the transaction data in the transaction transferring dataequals the transaction data length included in the APDU instruction inthe transaction transferring data, if yes, the transaction transferringdata is determined to be complete; otherwise, the transactiontransferring data is determined to be not complete.

For example,“0x7e0x410x000x000x0c0x000x000x000x010x230x000x160x030x220x170x100x22”is transaction transferring data received by the visual financial ICcard from the client, the first five bytes, i.e. “0x7e0x410x000x000x0c”,of the transaction transferring data is obtained as APDU instruction,the fifth byte, i.e. “0x0c”, of the APDU instruction is obtained astransaction data length, which is equivalent to decimal number 12; thedata in the transaction transferring data except for the APDUinstruction, i.e. “0x000x000x000x010x230x000x160x030x220x170x100x22”, isobtained as transaction data, if the length of the transaction data is12 bytes, the visual financial IC card determines that the transactiontransferring data is complete, otherwise, the visual financial IC carddetermines that the transaction transferring data is not complete.

Step 103, the visual financial IC card returns error information to theclient, ending the procedure.

Step 104, the visual financial IC card determines whether the format ofthe transaction transferring data is correct, if yes, executes Step 105;otherwise, goes back to Step 103.

Specifically, the visual financial IC card can determine whether thetransaction amount in the transaction transferring data matches thetransaction type, if yes, the format of the transaction transferringdata is correct; otherwise, the format of the transaction transferringdata is not correct.

In Embodiment 2, when the transaction type is a first preset value, thetransaction type represents consumption; when the transaction type is asecond preset value, the transaction type represents checking mainaccount balance, when the transaction type is a third preset value, thetransaction type represents electronic cash credit for load. Forexample, the first preset value is “0x41”, the second preset value is“0x42”, the third preset value is “0x40”.

Correspondingly, when the transaction type is the first preset value andthe third preset value, the visual financial IC card determines whetherthe transaction amount is zero, if yes, the format of the transactiontransferring data is determined to be incorrect; otherwise, the formatof the transaction transferring data is correct; when the transactiontype is the second preset value, the visual financial IC card determineswhether the transaction amount is zero, if yes, the format of thetransaction transferring data is determined to be correct; otherwise,the format of the transaction transferring data is incorrect.

For example,“0x7e0x410x000x000x0c0x000x000x000x010x230x000x160x030x220x170x100x22”is transaction transferring data received by the visual financial ICcard from the client, the second byte, i.e. 0x41, in the transactiontransferring data is obtained as transaction type representing that thetransaction type is consumption; the data from the sixth byte to theeleventh byte, i.e. “0x000x000x000x010x230x00”, in the transactiontransferring data is obtained as transaction amount representing thatthe transaction amount is 123.00RMB, then the visual financial IC cardconfirms that the format of transaction transferring data is correct.

Step 105, the visual financial IC card reads configuration informationof itself.

In Embodiment 2, the configuration information of the visual financialIC card can specifically includes: an interface device sequence number,terminal country code, terminal capability and terminal type,transaction currency code, etc.

Further, Step 105 can include checking a card type;

In Embodiment 2, the card type detected by the visual financial IC cardis contact card.

Step 106, the visual financial IC card performs application selectingoperation.

Specifically, the visual financial IC card selects an applicationsupported by the visual financial IC card itself from an applicationselecting list.

Step 107, the visual financial IC card performs processing optionobtaining operation.

Specifically, the visual financial IC card obtains AIP (ApplicationInterchange Profile) and AFL (Application File Locator).

Step 108, the visual financial IC card performs record readingoperation.

Specifically, the visual financial IC card reads application datarequired by the transaction according to AFL.

In Embodiment 2, the application data required by the transactionincludes: a card holder verification method list, CA public key index,public key certificate of card issuer, application version, country codeof card issuer, effective date of application, expire date ofapplication, controlling of application usage, application PAN,application PAN sequence number and second, equivalent magnetic track,etc.

Step 109, the visual financial IC card determines whether requires theuser to confirm transaction amount according to transaction transferringdata, if yes, executes Step 110; otherwise, executes Step 112.

Specifically, the visual financial IC card determines whether to displaythe transaction amount according to transaction type, if yes, executesStep 110; otherwise, executes Step 112.

Specifically, the visual financial IC card determines the transactiontype, if the transaction type is consuming or electronic cash credit forload, the user is required to confirm transaction amount; if thetransaction type is checking main account balance, the user is notrequired to confirm transaction amount.

In Embodiment 2, if the transaction type in the transaction transferringdata is a first preset value, the transaction type is consumption; ifthe transaction type in the transaction transferring data is a secondpreset value, the transaction type is checking main account balance; ifthe transaction type in the transaction transferring data is a thirdpreset value, the transaction type is electronic cash credit for load.For example, the first preset value is “0x41”, the second preset valueis“0x42”, the third preset value is “0x40”.

Step 110, the visual financial IC card displays transaction amount andwaits for the user to confirm.

For example, when the transaction amount is “0x000x000x000x010x230x00”,the visual financial IC card displays “123.00RMB”.

Step 111, the visual financial IC card determines whether obtainstransaction amount confirming information input by the user in a firstpreset time, if yes, executes Step 112; otherwise, goes back to Step103.

Specifically, the visual financial IC card can determine whether a firstpreset key is triggered in a first preset time, if yes, the visualfinancial IC card determines receiving transaction amount confirminginformation input by the user in the first preset time, otherwise, thevisual financial IC card determines not receiving transaction amountconfirming information input by the user in the first preset time.

In this case, the first key is confirming key.

Step 112, the visual financial IC card executes offline dataauthenticating operation.

In embodiment 2, the offline data authentication can be SDA (static dataauthentication)) or DDA (dynamic data authentication).

Step 113, the visual financial IC card executes processing limitingoperation.

Step 114, the visual financial IC card determines whether requires theuser to input online PIN according to the transaction transferring data,if yes, executes Step 115; otherwise, executes Step 116.

Specifically, the visual financial IC card determines whether thetransaction amount in the transaction transferring data is more than apreset amount, if yes, the user is required to input online PIN, if thetransaction amount is less than or equal to the preset amount, thenfurther determines whether there is cached online PIN in itself, if yes,the user is not required to input online PIN, if no, the user isrequired to input online PIN.

Step 115, the visual financial IC card determines whether receives anonline PIN input by the user in a second preset time, if yes, encryptsthe online PIN to obtain ciphertext of the online PIN, executes Step116; otherwise, goes back to Step 103.

Step 116, the visual financial IC card executes terminal risk managingoperation.

Step 117, the visual financial IC card executes terminal behavioranalyzing operation to obtain a terminal behavior analyzing result.

In this case, the terminal behavior analyzing result can be requiringonline operation or requiring refusing transaction.

Step 118, the visual financial IC card executes card behavior analyzingoperation according to the terminal behavior analyzing result to obtaina card behavior analyzing result.

In Embodiment 2, the card behavior analyzing result can include:ciphertext information data, application ciphertext, applicationtransaction counter and card issuer application data; in this case, theapplication ciphertext can be Authorization Request Cryptogram,hereinafter referred to as ARQC, which is for indicating onlineauthentication request; the application ciphertext can be ApplicationAuthentication Cryptogram, hereinafter referred to as AAC, which is forindicating refusing transaction.

Step 119, the visual financial IC card sets a first transaction resultaccording to the card behavior analyzing result, if the first presettransaction result is refusing transaction, executes Step 120, if thefirst transaction result is an online request, executes Step 121.

Specifically, if the application ciphertext in the card behavioranalyzing result is ARQC, the visual financial IC card sets the firsttransaction result as online request; if the application ciphertext inthe card behavior analyzing result is AAC, the visual financial IC cardsets the first transaction result as refusing transaction.

For example, if the application ciphertext in the card behavioranalyzing result is ARQC, the visual financial IC card sets the firsttransaction result as “0x02”; if the application ciphertext in the cardbehavior analyzing result is AAC, the visual financial IC card sets thefirst transaction result as “0x01”.

Step 120, the visual financial IC card organizes transaction messageaccording to the first transaction result, sends the transaction messageto the client, refuses transaction, displays information of refusingtransaction, ends the procedure.

Step 121, the visual financial IC card organizes transaction messageaccording to the first transaction result, sends the transaction messageto the client, executes Step 122;

In Embodiment 2, the transaction message can include the firsttransaction result, the transaction amount, the transaction date, acardholder verifying result, the interface device sequence number andthe card issuer application data, the first transaction result can berefusing transaction or the online request.

Further, the transaction message can include one or some of followingitems: the application ciphertext, ciphertext information data, anunpredictable number, the application transaction counter, a terminalverifying result, transaction type, the transaction currency code,application interaction feature, terminal country code, other amount,terminal capacity, special file name, an application version, atransaction sequence counter. For example, according to the firsttransaction result “0x02”, the terminal verifying result“0x950x050x080x800x000x000x00”, the transaction date “0x9a0x030x160x030x22”, the unpredictable number “0x9f0x370x040x730x550x820xec”, theapplication transaction counter “0x9f0x360x020x000x24”, the ciphertextinformation data “0x9f0x270x010x80”, the application ciphertext“0x9f0x260x080x330x370x6f0xbd0x790x960x650xe5”, the card issuerapplication data“0x9f0x100x130x070x010x010x030xa40xb80x040x010x0a0x010x000x000x200x000x000xb10x910xcc0xd2”, the cardholder verifyingresult“0x9f0x340x030x010x000x02”, transaction sequence counter“0x9f0x410x040x000x000x000x01”, the special file name“0x840x070xa00x000x000x030x330x010x01”, the application version number“0x9f0x090x020x000x8c”, the transaction type “0x9c0x010x00”, thetransaction currency code “0x5f0x2a0x020x010x56”, the terminal countrycode “0x9f0x1a0x020x010x56”, other amount“0x9f0x030x060x000x000x000x000x000x00”, the terminal capacity“0x9f0x330x030xa00xc80xc8”, the terminal type “0x9f0x350x010x34”, theinterface device sequence number“0x9f0x1e0x080x000x000x000x000x000x000x000x00” and the transactionamount “0x9f 0x020x060x000x000x000x010x230x00”, the visual financial ICcard organizes following transaction message:

“0x020x950x050x080x800x000x000x000x9a0x030x160x030x220x9f0x370x040x730x550x820xec0x820x020x7c0x000x9f0x360x020x000x240x9f0x270x010x800x9f0x260x080x330x370x6f0xbd0x790x960x650xe50x9f0x100x130x070x010x010x030xa40xb80x040x010x0a0x010x000x000x200x000x000xb10x910xcc0xd20x9f0x340x030x010x000x020x9f0x410x040x000x000x000x010x840x070xa00x000x000x030x330x010x010x9f0x090x020x000x8c0x9c0x010x000x5f0x2a0x020x010x560x9f0x1a0x020x010x560x9f0x030x060x000x000x000x000x000x000x9f0x330x030xa00xc80xc80x9f0x350x010x340x9f0x1e0x080x000x000x000x000x000x000x000x000x9f0x020x060x000x000x000x010x230x000x900x00”, in which the last two bytes“0x900x00” are successful state code.

Step 122, the visual financial IC card receives an instruction requestfrom a client, organizes response message and sends the response messageto the client.

In this case, the response message includes application PAN, applicationPAN sequence number, second equivalent magnetic track data, ciphertextof online PIN and a code indicating input way of service point; inEmbodiment 2, the code indicating input way of service point is a fixedvalue, for example, according to application PAN“0x5a0x080x620x280x000x010x000x000x110x17”, application PAN sequencenumber“0x5f0x340x010x01”, second equivalent magnetic trackdata“0x570x110x620x280x000x010x000x000x110x170xd30x010x220x010x010x230x450x670x89”, ciphertext of online PIN“0x990x080xa40x010x580xf10xb40x710x3e0xc2” and a code indicating inputway of service point “0xff0x040x020x050x10”, the visual financial ICcard organizes a response message:

“0x5a0x080x620x280x000x010x000x000x110x170x5f0x340x010x010x570x110x620x280x000x010x000x000x110x170xd30x010x220x010x010x230x450x670x890x990x080xa40x010x580xf10xb40x710x3e0xc20xff0x040x020x050x100x900x00”.

Step 123, the visual financial IC card receives an online responsepackage from the client.

In this case, the online response package can include an online resultand an authorization response code, the online response package canfurther include card issuer script and card issuer authorization data.

For example, the online response package can be “0x000x8a0x020x300x30”,in which “0x00” is an online result representing normal online and“0x8a0x020x300x30” is the authorization response code.

Step 124, the visual financial IC card executes completing processingoperation according to the online response package, obtains a completingprocessing result, sets a second transaction result according to thecompleting processing result, displays corresponding informationaccording to the second transaction result.

In Embodiment 2, the completing processing result can include:ciphertext information data, application ciphertext, applicationtransaction counter and card issuer application data; in this case, theapplication ciphertext can be Transaction Certificate, hereinafterreferred to as TC, or AAC.

When the application ciphertext in the completing processing result isTC, the second transaction result is set to be approving transaction;when the application ciphertext in the completing processing result isAAC, the second transaction result is set to be refusing transaction;

when the second transaction result is approving transaction, the visualfinancial IC card displays information of successful transaction; whenthe second transaction result is refusing transaction, the visualfinancial IC card displays information of refusing transaction.

It should be noted that, when the online response package received fromthe client by the visual financial IC card includes card issuer script,after Step 124, the method further includes that the financial IC cardexecutes card issuer script, displays corresponding error message in thecase that executing is error; when the online response package receivedfrom the client by the visual financial IC card includes card issuerauthorization data, before step 124, the method further includes thatthe visual financial IC card verifies the card issuer authorizationdata.

Step 125, the visual financial IC card organizes data package accordingto the second transaction result and sends the data package to theclient.

In this case, the data package can include the second transactionresult, a terminal verification result (TVR), an application transactioncounter (ATC), ciphertext information data (CID), application ciphertext(AC) and card issuer application data; the data package can furtherinclude a result of executing card issuer script. For example, accordingto the second transaction result “0x00”,TVR“0x950x050x080x800x000x800x00”, ATC“0x9f0x360x020x00 0x3c”,CID“0x9f0x270x010x40”, AC “0x9f0x260x080x3f0xd40x5d0x670x430x080x9b0x32”and card issuer applicationdata“0x9f0x100x080x070x010x010x030x640xbc0x040x01”, the visual financialIC card organizes data package as the following:

“0x000x950x050x080x800x000x800x000x9f0x360x020x000x3c0x9f0x270x010x400x9f0x260x080x3f0xd40x5d0x670x430x080x9b0x320x9f0x100x080x070x010x010x030x640xbc0x040x01”, in which the first byte“0x00” is the second transaction result,representing approving transaction.

The visual financial IC card in Embodiment 2 interacts with the clientto complete transaction and verifies information from the client, whichcan improve security and convenience of the financial IC card.

According to the above working method of the visual financial IC card,Embodiment 2 of the present invention further provides an onlinetransaction process. As shown in FIG. 4 , FIG. 5 and FIG. 6 , theprocess includes following steps:

Step 201, the client sends transaction transferring data to the visualfinancial IC card.

The transaction transferring data can include transaction amount,transaction date, transaction time and transaction type.

In Embodiment 2, the transaction transferring data includes APDUinstruction and transaction data, of which the APDU instruction includestransaction type and transaction data length and the transaction dataincludes the transaction amount, the transaction date and thetransaction time.

For example,“0x7e0x410x000x000x0c0x000x000x000x010x230x000x160x030x220x170x100x22”is transaction transferring data received from the client by the visualfinancial IC card. “0x7e0x410x000x000x0c” is the APDU instruction, thesecond byte of the instruction “0x41” is transaction type representingthat the transaction type is consumption;

“0x000x000x000x010x230x00” is transaction amount representing that thetransaction amount is RMB123.00; “0x160x030x220x170x100x22” istransaction date and transaction time, which representing 10 minutes 22seconds past 17 on March 22, year 2016.

Step 202, the visual financial IC card obtains the transaction amount,the transaction date, the transaction time and the transaction type fromthe transaction transferring data and stores them.

Step 203, the visual financial IC card determines whether thetransaction transferring data is complete, if yes, executes Step 206;otherwise, executes Step 204.

Specifically, the visual financial IC card can determine whether thelength of the transaction data in the transaction transferring dataequals the transaction data length included in the APDU instruction inthe transaction transferring data, if yes, the visual financial IC carddetermines the transaction transferring data to be complete; otherwise,the visual financial IC card determines the transaction transferringdata to be incomplete.

For example,“0x7e0x410x000x000x0c0x000x000x000x010x230x000x160x030x220x170x100x22”is transaction transferring data received from the client by the visualfinancial IC card. “0x7e0x410x000x000x0c” is the APDU instruction, thefifth byte “0x0c” of the instruction is transaction data length which isequal to binary data 12;0x000x000x000x010x230x000x160x030x220x170x100x22” is transaction data,if the length of the transaction data is 12 bytes, the visual financialIC card determines that the transaction transferring data is complete;otherwise the visual financial IC card determines that the transactiontransferring data is incomplete.

Step 204, the visual financial IC card returns error information to theclient.

Step 205, the client displays error information and ends process.

Step 206, the visual financial IC card determines whether the format ofthe transaction transferring data is correct, if yes, executes Step 207;otherwise, goes back to Step 204.

Specifically, the visual financial IC card can determine whether thetransaction amount in the transaction transferring data matches thetransaction type, if yes, the format of the transaction transferringdata is correct; otherwise, the format of the transaction transferringdata is not correct.

In Embodiment 2, when the transaction type is a first preset value, thetransaction type represents consumption; when the transaction type is asecond preset value, the transaction type represents checking mainaccount balance. For example, the first preset value is “0x41”, thesecond preset value is “0x42”.

Correspondingly, when the transaction type is the first preset value,the visual financial IC card determines whether the transaction amountis zero, if yes, the format of the transaction transferring data isdetermined to be incorrect; otherwise, the transaction transferring datais determined to be correct; when the transaction type is the secondpreset value, the visual financial IC card determines whether thetransaction amount is zero, if yes, the format of the transactiontransferring data is determined to be correct; otherwise, the format ofthe transaction transferring data is determined to be incorrect.

For example,“0x7e0x410x000x000x0c0x000x000x000x010x230x000x160x030x220x170x100x22”is transaction transferring data received from the client by the visualfinancial IC card. In this case, “0x41” is transaction type presentingconsumption; the transaction amount is “0x000x000x000x010x230x00”representing that the transaction amount is RMB123, the visual financialIC card determines that the format of the transaction transferring datais correct.

Step 207, the visual financial IC card reads configuration informationof itself and detects card type.

Step 207 further includes detecting card type.

In Embodiment 2, the visual financial IC card detects that the card typeis contact card.

Step 208, the visual financial IC card executes application selectingoperation.

Specifically, the visual financial IC card selects an applicationsupported by the visual financial IC card from a application candidatelist.

Step 209, the visual financial IC card executes processing optionobtaining operation.

Specifically, the visual financial IC card obtains ApplicationInterchange Profile (AIP) and Application File Locator (AFL).

Step 210, the visual financial IC card executes record readingoperation.

Specifically, the visual financial IC card reads application datarequired by transaction according to the AFL.

Step 211, the visual financial IC card determines whether displaytransaction amount according to the transaction type, if yes, executesStep 212; otherwise, executes Step 214.

Specifically, the visual financial IC card determines the transactiontype, if the transaction type is the first preset value, the visualfinancial IC card determines to display the transaction amount; if thetransaction type is the second preset value, the visual financial ICcard determines not to display the transaction amount.

In Embodiment 2, when the transaction type is the first preset value, itrepresents that the transaction type is consumption; when thetransaction type is the second preset value, it represents that thetransaction type is checking main account balance. For example, thefirst preset value is “0x41”; the second preset value is “0x42”.

Step 212, the visual financial IC card displays transaction amount.

For example, when the transaction amount is “0x000x000x000x010x230x00”,the visual financial IC card displays “RMB123.00”.

Step 213, the visual financial IC card determines whether obtainstransaction amount confirming information input by the user in a firstpreset time, if yes, executes Step 214; otherwise, goes back to Step204.

Specifically, the visual financial IC card can determine whether itsfirst pressing key is triggered in the first preset time, if yes, thevisual financial IC card determines that the transaction amountconfirming information input by the user is obtained in the first presettime; otherwise, the visual financial IC card determines that thetransaction amount confirming information input by the user is notobtained in the first preset time.

In this case, the first pressing key may be a confirming key.

Step 214, the visual financial IC card executes offline data verifyingoperation.

Step 215, the visual financial IC card executes processing limitingoperation.

Step 216, the visual financial IC card prompts the user to input onlinePIN.

Further, before Step 216, the method further includes that the visualfinancial IC card determines whether requires the user to input onlinePIN according to the transaction transferring data, if yes, executesStep 216; otherwise, executes Step 218;

Specifically, the visual financial IC card determines whether thetransaction amount in the transaction transferring data is more than apreset amount, if the transaction amount in the transaction transferringdata is more than a preset amount, it requires the user to input theonline PIN; if the transaction amount in the transaction transferringdata is less than or equal to a preset amount, the visual financial ICcard further determines whether a cached online PIN exists, if yes, itdoes not require the user to input the online PIN; if no, it requiresthe user to input the online PIN.

Step 217, the visual financial IC card determines whether obtains theonline PIN input by the user in the second preset time, if yes, encryptthe online PIN to obtain the ciphertext of the online PIN, goes to Step218; otherwise, goes back to Step 204.

Step 218, the visual financial IC card executes terminal risk operatingoperation.

Step 219, the visual financial IC card executes terminal behavioranalyzing operation to obtain a terminal behavior analyzing result.

In this case, the terminal behavior analyzing result can be requiringonline or requiring refusing transaction.

Step 220, the visual financial IC card executes card behavior analyzingoperation according to the terminal behavior analyzing result to obtainthe card behavior analyzing result.

In Embodiment 2, the card behavior analyzing result can includeciphertext information data, application ciphertext, applicationtransaction counter and card issuer application data; in this case, theapplication ciphertext can be Authorization Request Cryptogram (ARQC)for indicating online authorization request; the application ciphertextcan be Application Authentication Cryptogram (AAC) for indicatingrefusing transaction.

Step 221, the visual financial IC card sets a first transaction resultaccording to the card behavior analyzing result, if the firsttransaction result is refusing transaction, executes Step 222; if thefirst transaction result is online request, executes Step 223.

Specifically, when the application ciphertext in the card behavioranalyzing result is ARQC, the visual financial IC card sets the firsttransaction result as online request; when the application ciphertext inthe card behavior analyzing result is AAC, the visual financial IC cardsets the first transaction result as refusing transaction.

For example, when the application ciphertext in the card behavioranalyzing result is ARQC, the visual financial IC card sets the firsttransaction result as “0x02”; when the application ciphertext in thecard behavior analyzing result is AAC, the visual financial IC card setsthe first transaction result as “0x01”.

Step 222, the visual financial IC card refuses transaction, displaysrefusing transaction information, executes Step 223;

Step 223, the visual financial IC card organizes transaction messageaccording to the first transaction result.

In this case, the transaction message can include a first transactionresult, transaction amount, transaction date, card holder verifyingmethod result, interface device sequence number and card issuerapplication data; the first transaction result can be refusingtransaction or requesting online.

Further, the transaction message can include one or more of followingitems: application ciphertext, ciphertext information data, anunpredictable number, an application transaction counter, a terminalverifying result, transaction type, transaction currency code,application interaction character, terminal country code, other amount,terminal capability, terminal type, special file name, applicationversion number, transaction sequence counter. For example, according tothe first transaction result “0x02”, the terminal verifying result“0x950x050x080x800x000x000x00”, the transaction date“0x9a0x030x160x030x22”, the unpredictable number “0x9f0x370x040x730x550x820xec”, theapplication transaction counter “0x9f0x360x020x000x24”, the ciphertextinformation data “0x9Mx270x010x80”, the application ciphertext“0x9f0x260x080x330x370x6f0xbd0x790x960x650xe5”, the card issuerapplication data “0x9f0x100x130x070x010x010x030xa40xb80x040x010x0a0x010x000x000x200x000x000xb10x910xcc0xd2”, the card holder verifyingmethod result “0x9f0x340x030x010x000x02”, the transaction sequencecounter “0x9f0x410x040x000x000x000x01”, the special file name“0x840x070xa00x000x000x030x330x010x01”, the application version number“0x9f0x090x020x000x8c”, the transaction type “0x9c0x010x00”, thetransaction currency code “0x5f0x2a0x020x010x56”, the terminal countrycode “0x9f0x1a0x020x010x56”, other amount“0x9f0x030x060x000x000x000x000x000x00”, the terminal capability“0x9f0x330x030xa00xc80xc8”, the terminal type“0x9f0x350x010x34”, theinterface device sequence number“0x9f0x1e0x080x000x000x000x000x000x000x000x00” and the transactionamount “0x9f 0x020x060x000x000x000x010x230x00”, the visual financial ICcard organizes following transaction message:

“0x020x950x050x080x800x000x000x000x9a0x030x160x030x220x9f0x370x040x730x550x820xec0x820x020x7c0x000x9f0x360x020x000x240x9f0x270x010x800x9f0x260x080x330x370x6f0xbd0x790x960x650xe50x9f0x100x130x070x010x010x030xa40xb80x040x010x0a0x010x000x000x200x000x000xb10x910xcc0xd20x9f0x340x030x010x000x020x9f0x410x040x000x000x000x010x840x070xa00x000x000x030x330x010x010x9f0x090x020x000x8c0x9c0x010x000x5f0x2a0x020x010x560x9f0x1a0x020x010x560x9f0x030x060x000x000x000x000x000x000x9f0x330x030xa00xc80xc80x9f0x350x010x340x9f0x1e0x080x000x000x000x000x000x000x000x000x9f0x020x060x000x000x000x010x230x000x900x00”, in which the last two bytes“0x900x00” represent successful state code.

Step 224, the visual financial IC card sends the transaction message tothe client.

Step 225, the client obtains a first transaction result from thetransaction message, determines whether the first transaction result isthe online request, if yes, executes Step 227; otherwise, executes Step226.

Specifically, the client can determine a value of the first transactionresult, if the first transaction result is a fifth preset value, thefirst transaction result is the online request; otherwise, the firsttransaction result is not the online request.

For example, the fifth preset value is “0x02”, the transaction messagereturned by the visual financial IC card is:“0x020x950x050x080x800x000x000x000x9a0x030x160x030x220x9f0x370x040x730x550x820xec0x820x020x7c0x000x9f0x360x020x000x240x9f0x270x010x800x9f0x260x080x330x370x6f0xbd0x790x960x650xe50x9f0x100x130x070x010x010x030xa40xb80x040x010x0a0x010x000x000x200x000x000xb10x910xcc0xd20x9f0x340x030x010x000x020x9f0x410x040x000x000x000x010x840x070xa00x000x000x030x330x010x010x9f0x090x020x000x8c0x9c0x010x000x5f0x2a0x020x010x560x9f0x1a0x020x010x560x9f0x030x060x000x000x000x000x000x000x9f0x330x030xa00xc80xc80x9f0x350x010x340x9f0x1e0x080x000x000x000x000x000x000x000x000x9f0x020x060x000x000x000x010x230x000x900x00”, the client obtains the firsttransaction result “0x02” from the transaction message and determinesthat the first transaction result is online request.

Step 226, the client displays information of failed transaction, processis ended.

Step 227, the client sends an instruction request to the visualfinancial IC card.

Step 228, the visual financial IC card organizes response message.

Step 229, the visual financial IC card sends the response message to theclient.

In this case, the response message includes application PAN, applicationPAN sequence number, second equivalent magnetic track, onlinetransaction PIN ciphertext and service point input way code; in thepresent embodiment, the service point input way code is a fixed value.

For example, the response message which is organized by the financialvisual card and sent to the client is:

“0x5a0x080x620x280x000x010x000x000x110x170x5f0x340x010x010x570x110x620x280x000x010x000x000x110x170xd30x010x220x010x010x230x450x670x890x990x080xa40x010x580xf10xb40x710x3e0xc20xff0x040x020x050x100x900x00”,

in which “0x5a0x080x620x280x000x010x000x000x110x17” is application PAN,“0x5f0x340x010x01” is application PAN sequence number,“0x570x110x620x280x000x010x000x000x110x170xd30x010x220x010x010x230x450x670x89”is the second equivalent magnetic track,“0x990x080xa40x010x580xf10xb40x710x3e0xc2” is online transaction PINciphertext, “0xff0x040x020x050x10” is service point input way code.

Step 230, the client organizes online message according to thetransaction message and the response message.

Step 231, the client sends the online message to the server.

In this case, the online message includes message type, message lengthand message content.

For example, the online message organized by the client and sent to theserver is:

“0x100x010x940x950x050x080x800x000x000x000x9a0x030x160x030x220x9f0x370x040x730x550x820xec0x820x020x7c0x000x9f0x360x020x000x240x9f0x270x010x800x9f0x260x080x330x370x6f0xbd0x790x960x650xe50x9f0x100x130x070x010x010x030xa40xb80x040x010x0a0x010x000x000x200x000x000xb10x910xcc0xd20x9f0x340x030x010x000x020x9f0x410x040x000x000x000x010x840x070xa00x000x000x030x330x010x010x9f0x090x020x000x8c0x9c0x010x000x5f0x2a0x020x010x560x9f0x1a0x020x010x560x9f0x030x060x000x000x000x000x000x000x9f0x330x030xa00xc80xc80x9f0x350x010x340x9f0x1e0x080x000x000x000x000x000x000x000x000x9f0x020x060x000x000x000x010x230x000x5a0x080x620x280x000x010x000x000x110x170x5f0x340x010x010x570x110x620x280x000x010x000x000x110x170xd30x010x220x010x010x230x450x670x890x990x080xa40x010x580xf10xb40x710x3e0xc20xff0x040x020x050x100x900x00”, in which the first byte“0x10” is message type, the followingtwo bytes “0x010x32” are message length, which represent the length ofthe data afterwards is 196 bytes.

Step 232, the server determines whether the type of the online messageis correct, if yes, executes Step 233; otherwise, executes Step 240.

Specifically, the server obtains message type from the online message,determines whether the value of the message type is the sixth presetvalue, if yes, the server determines that the type of the online messageis correct; otherwise, the server determines that the type of the onlinemessage is not correct.

For example, the sixth preset value is “0x10”, the online messagereceived by the server is:“0x100x010x940x950x050x080x800x000x000x000x9a0x030x160x030x220x9f0x370x040x730x550x820xec0x820x020x7c0x000x9f0x360x020x000x240x9f0x270x010x800x9f0x260x080x330x370x6f0xbd0x790x960x650xe50x9f0x100x130x070x010x010x030xa40xb80x040x010x0a0x010x000x000x200x000x000xb10x910xcc0xd20x9f0x340x030x010x000x020x9f0x410x040x000x000x000x010x840x070xa00x000x000x030x330x010x010x9f0x090x020x000x8c0x9c0x010x000x5f0x2a0x020x010x560x9f0x1a0x020x010x560x9f0x030x060x000x000x000x000x000x000x9f0x330x030xa00xc80xc80x9f0x350x010x340x9f0x1e0x080x000x000x000x000x000x000x000x000x9f0x020x060x000x000x000x010x230x000x5a0x080x620x280x000x010x000x000x110x170x5f0x340x010x010x570x110x620x280x000x010x000x000x110x170xd30x010x220x010x010x230x450x670x890x990x080xa40x010x580xf10xb40x710x3e0xc20xff0x040x020x050x100x900x00”, the server obtains the first byte of the online message and takesthe first byte as message type, determines the value of the message typeis “0x10”, therefore the type of the online message is determined to becorrect.

Step 233, the server analyzes the online message.

Specifically, the server reads message content from the online messageaccording to message length in the online message, transforms themessage content to be TLV object MAP.

Step 234, the server determines whether analyzing the online message issuccessful, if yes, executes Step 235; otherwise, executes Step 240.

Step 235, the server determines whether a necessary data item isincluded in the online message, if yes, executes Step 236; otherwise,executes Step 240.

Specifically, the server searches for the necessary data item from theMAP obtained by transforming, the necessary data can include online PINciphertext, application PAN, transaction type, application ciphertext,the application transaction counter, the terminal verification resultand the transaction amount.

For example, the server can search for a tag value of the necessary dataitem from the MAP obtained by transforming, if all of the tag values arefound, the server determines that the online message includes thenecessary data item; otherwise, the server determines that the onlinemessage does not include the necessary data item;

Further, the tag value of the online PIN cryptogram is “0x99”, the tagvalue of the application PAN is “0x5a”, the tag value of the transactiontype is “0x9c”, the tag value of the application ciphertext is“0x9f0x26”, the tag value of the application transaction counter is“0x9f0x36”, the tag value of the terminal verifying result is “0x95”,the tag value of authorization amount is “0x9f0x02”.

Step 236, the server verifies the necessary data item in the onlinemessage, if verifying is successful, executes Step 237; otherwise,executes Step 240.

Specifically, the server can determine whether a record of PAN tag valueexists in a server database, if yes, verifying the PAN tag value isdetermined to be successful; otherwise, verifying the PAN tag value isdetermined to be unsuccessful; the server further can determine whetherthe authorized amount is more than a card balance in the serverdatabase, if yes, the authorized amount is determined to be successful;otherwise, the authorization amount is determined to be unsuccessful.

Step 237, the server organizes an online response package.

In this case, the online response package can include an online resultand an authorization response code; the online package can furtherinclude card issuer script and card issuer authorization data.

For example, the online response package is “0x000x8a0x020x300x30”, inthis case, “0x00” is the online result representing normal online;“0x8a0x020x300x30” is the authorization code.

Step 238, the server determines whether online response package issuccessfully organized, if yes, executes Step 239; otherwise, executesStep 240.

Step 239, the server sends the online response package to the client,executes Step 242.

Step 240, the server organizes an error response package.

For example, the server organizes the error response package0x8a0x020x350x35.

Step 241, the server sends the error response package to the client.

Step 242, the client checks a response returned from the server, if theresponse is the error response package, executes Step 243; if theresponse is the online response package, executes Step 244.

Step 243, the client displays corresponding error information and endsprocess.

Step 244, the client sends the online response package to the visualfinancial IC card.

Step 245, the visual financial IC card executes completing processingoperation according to the online response package sent by the clientand obtains a completing processing result, sets a second transactionresult according to the completing processing result and displayscorresponding information according to the second transaction result.

In this case, the completing processing result can include ciphertextinformation data, application ciphertext, application transactioncounter, card issuer application data; in this case, the applicationciphertext can be transaction certificate (TC) or AAC.

When the application ciphertext is TC in the completing processingresult, the second transaction result is set to be approvingtransaction; when the application ciphertext in the completingprocessing result is AAC, the second transaction result is set to berefusing transaction;

when the second transaction result is approving transaction, the visualfinancial IC card displays information of successful transaction; whenthe second transaction result is refusing transaction, the visualfinancial IC card displays information of refusing transaction.

It should be noted that, when the online response package received bythe visual financial IC card from the client includes the card issuerscript, after Step 245, the method further includes that the visualfinancial IC card executes the card issuer script, displayscorresponding error information when executing is error; when the onlineresponse package received by the visual financial IC card from theclient includes the card issuer authorization data, before Step 245 themethod further includes that the visual financial IC card verifies thecard issuer authorization data;

Specifically, the card issuer script can include one or more pieces ofcard issuer script command; executing the card issuer script by thevisual financial IC card specifically includes that the visual financialIC card executes the card issuer script commands in the card issuerscript sequentially; for example, the card issuer script includes acommand of modifying data command, the visual financial IC card executesthe command of modifying data command and modifies the electronic cashbalance in the visual financial IC card.

Step 246, the visual financial IC card organizes data package accordingto the second transaction result.

In this case, the data package can include a second transaction result,the terminal verification result (TVR), the application transactioncounter (ATC), the ciphertext information data (CID), the applicationciphertext (AC) and the card issuer application data; the data packagecan further include a result of executing card issuer script.

For example, the data package sent by the visual financial IC card tothe client is:

“0x000x950x050x080x800x000x800x000x9f0x360x020x000x3c0x9f0x270x010x400x9f0x260x080x3f0xd40x5d0x670x430x080x9b0x320x9f0x100x080x070x010x010x030x640xbc0x040x01”, in which the first byte “0x00” is the second transaction resultrepresenting approving transaction; “0x950x050x080x800x000x800x00” isthe terminal verifying result, “0x9f0x360x020x000x3c” is the applicationtransaction counter, “0x9f0x270x010x40” is ciphertext information data,“0x9f0x260x080x3f0xd40x5d0x670x430x080x9b 0x32” is applicationciphertext, “0x9f0x100x080x070x010x010x030x640xbc0x040x01” is cardissuer application data.

Step 247, the visual financial IC card sends the data package to theclient.

Step 248, the client obtains the second transaction result from the datapackage.

Step 249, the client determines whether the transaction is approvedaccording to the second transaction result, if yes, executes Step 250;otherwise, executes Step 251.

Step 250, the client prints transaction credit, displays information ofsuccessful transaction, ends process.

Step 251, the client displays information of refusing transaction, endsprocess.

Embodiment 3

Embodiment 3 provides a visual financial IC card 1, a client 2 and aserver 3. As shown in FIG. 7 , the visual financial IC card 1specifically includes:

a receiving module 301 configured to receive transaction transferringdata and an online response package sent from the client 2;

an obtaining module 302 configured to obtain transaction data from thetransaction transferring data received by the receiving module 301;

an inputting module 303 configured to receive an online PIN input by auser;

an encrypting module 304 configured to encrypt the received online PINreceived by the inputting module 303 to obtain online PIN ciphertext;

a first performing module 305 configured to perform behavior analyzingto obtain a card behavior analyzing result;

a first setting module 306 configured to set a first transaction resultaccording to the card behavior analyzing result obtained by the firstperforming module 305;

a first organizing module 307 configured to organize message accordingto the first transaction result set by the first setting module 306, thecard analyzing result obtained by the first performing module 305, thetransaction data obtained by the obtaining module 302 and the online PINobtained by the encrypting module 304;

a second performing module 308 configured to perform completingprocessing according to the online response received by the receivingmodule 301 to obtain a completing processing result;

a second setting module 309 configured to set a second transactionresult according to the completing processing result obtained by thesecond performing module 308;

a displaying module 310 configured to display corresponding informationaccording to the second transaction result set by the second settingmodule 309;

a second organizing module 311 configured to organize data packageaccording to the second transaction result set by the second settingmodule 309 and the completing processing result obtained by the secondperforming module 308; and

a sending module 312 configured to send the message organized by thefirst organizing module 307 and the data package organized by the secondorganizing module 311 to the client 2.

In Embodiment 3, the visual financial IC card 1 further includes a firstdetermining module configured to determine whether the transactiontransferring data received by the receiving module 301 is complete;correspondingly, the inputting module 303 is specifically configured toreceive an online PIN input by the user in the case that a determiningresult of the first determining module is complete; the sending module312 is further configured to return error information to the client inthe case that the determining result of the second determining module isnot complete.

Preferably, the first determining module specifically is configured todetermine whether the length of the transaction data in the transactiontransferring data received by the receiving module 301 is equal totransaction data length in the transaction transferring data, if yes,the transaction transferring data received by the receiving module 301is complete; otherwise, the transaction transferring data received bythe receiving module 301 is not complete.

In Embodiment 3, the visual financial IC card further can include asecond determining module; the second determining module configured todetermine whether format of the transaction transferring data receivedby the receiving module 301 is correct; correspondingly, the inputtingmodule 303 specifically configured to receive an online PIN input by theuser in the case that a determining result of the second determiningmodule is correct; and the sending module 312 is further configured toreturn error information to the client in the case that the determiningresult of the second determining module is not correct.

Preferably, the second determining module specifically includes: adetermining unit configured to determine whether the transaction amountin the transaction data obtained by the obtaining module 302 matches thetransaction type in the transaction data; a confirming unit configuredto confirm the format of the transaction transferring data received bythe receiving module 301 is correct in the case that the determiningresult of the determining unit is matched; confirm the format of thetransaction transferring data received by the receiving module 301 isnot matched;

Further, the determining unit specifically is configured to determinewhether the transaction amount in the transaction data is zero in thecase that the transaction type in the transaction data obtained by theobtaining module 302 is consumption, if yes, the transaction amount inthe transaction data obtained by the obtaining module 302 does not matchthe transaction type in the transaction data; otherwise, the transactionamount in the transaction data obtained by the obtaining module 302matches the transaction type in the transaction data; determine whetherthe transaction amount in the transaction transferring data is zero, inthe case that the transaction type in the transaction data obtained bythe obtaining module 302 is checking main account balance, if yes, thetransaction amount in the transaction data obtained by the obtainingmodule 302 matches the transaction type in the transaction data;otherwise, the transaction amount in the transaction data obtained bythe obtaining module 302 does not match the transaction type in thetransaction data.

In Embodiment 3, the visual financial IC card further includes a thirddetermining module configured to determine whether a transaction amountis required to be confirmed by the user; correspondingly, the displayingmodule 310 further configured to display the transaction amount in thetransaction data obtained by the obtaining module 302 in the case thatdetermining result of the third determining module is that thetransaction amount is required to be confirmed by the user; and theinputting module 303 further configured to receive a transaction amountconfirming information input by the user in the case that thedetermining result of the third determining module is that thetransaction amount is required to be confirmed by the user.

Preferably, the third determining module specifically is configured todetermine the transaction type in the transaction data obtained by theobtaining module 302, if the transaction type is consumption, the useris required to confirm transaction amount; if the transaction type ischecking main account balance, the user is not required to confirm thetransaction amount.

In Embodiment 3, the visual financial IC card can include a fourthdetermining module and a caching module; the caching module isconfigured to cache the online PIN received by the inputting module 303;the fourth determining module specifically comprises:

-   -   a first determining unit configured to determine whether the        transaction amount in the transaction data obtained by the        obtaining module 302 is more that a preset amount;    -   a second determining module configured to determine whether a        cached online PIN exists in the case that the determining result        of the first determining unit is no;    -   a reading unit configured to read the cached online PIN in the        case that the determining result of the second determining unit        is no;    -   an encrypting unit configured to encrypt the online PIN read by        the reading unit to obtain online PIN ciphertext;

Correspondingly, the inputting module 303 specifically is configured toreceive the online PIN input by the user in the case that thedetermining result of the first determining result is yes or thedetermining result of the second determining unit is no.

In Embodiment 3, the first setting module 306 specifically is configuredto check application ciphertext in the card behavior analyzing resultobtained by the first performing module 305, set the first transactionresult as an online request if the application ciphertext isauthorization request ciphertext; set the first transaction result asrefusing transaction if the application ciphertext is applicationauthentication ciphertext.

Correspondingly, in Embodiment 3, the visual financial IC card canfurther include: a refusing module configured to refuse transaction inthe case that the first transaction result set by the first settingmodule 306 is refusing transaction; the displaying module 310 furtherconfigured to display information of refusing transaction in the casethat the first transaction result set by the first setting module 309 isrefusing transaction.

In Embodiment 3, the receiving module 301 further is configured toreceive an instruction request sent by the client; correspondingly,

the first organizing module 307 can specifically include:

a first organizing unit configured to organize transaction messageaccording to the first transaction result set by the first settingmodule 306, the behavior analyzing result obtained by the firstperforming module 305 and the transaction data obtained by the obtainingmodule 302;

a second organizing unit configured to organize response messageaccording to the online PIN ciphertext obtained by the encrypting module304 in the case that the receiving module 301 receives an instructionrequest; and

the sending module 312 specifically is configured to send thetransaction message organized by the first organizing unit and theresponse message organized by the second organizing unit to the client2.

In Embodiment 3, the second setting module 309 can specifically beconfigured to check the application ciphertext in the completingprocessing result obtained by the second performing module 308; if theapplication ciphertext is transaction certificate, the secondtransaction result is set to be approving transaction; if theapplication ciphertext is application authentication ciphertext, thesecond transaction result is set to be refusing transaction;

Further, the displaying module 310 can specifically be configured todisplay information of successful transaction in the case that thesecond transaction result set by the second setting module 309 isapproving transaction; displaying information of refusing transaction inthe case that the second transaction result set by the second settingmodule 309 is refusing transaction.

In Embodiment 3, the visual financial IC card further comprises:

a first checking module which is configured to check whether card issuerauthorization data included in the online response package received bythe receiving module 301;

the authenticating module is configured to authenticate the card issuerauthorization data included in the online response package received bythe receiving module 301 in the case that the checking result of thefirst checking module is that the card issuer authorization data isincluded in the online response package received by the receivingmodule.

In Embodiment 3, the visual financial IC card further includes:

-   -   the second checking module is configured to check whether card        issuer script is included in the online response package        received by the receiving module 301;    -   the third performing module is configured to perform the card        issuer script in the online response package received by the        receiving module 301 in the case that the result of the second        checking module is that the card issuer script is included in        the online response package received by the receiving module        301;    -   the second organizing module 311 specifically is configured to        organize data package according to the second transaction result        set by the second setting module 309, the performing result of        the third performing module and the completing processing result        obtained by the second performing module 308;    -   the displaying module 310 is further configured to display        corresponding error information in the case that the performing        result of the third performing result is error.

As shown in FIG. 8 , Embodiment 3 of the present invention furtherprovides a client 2 which includes:

-   -   a first receiving module 401 configured to receive message and        data package which are sent by the visual financial IC card 1;    -   a first determining module 402 configured to determine whether a        first transaction result in the message received by the first        receiving module 401 is an online request;    -   an organizing module 403 configured to organize online message        according to the message received by the first receiving module        401 in the case that the determining result of the first        determining module 402 is yes;    -   a first sending module 404 configured to send the online message        organized by the organizing module 403 to the server 3;    -   a second receiving module 405 configured to receive a response        returned by the server 3;    -   a second sending module 406 configured to send the online        response package to the visual financial IC card 1 in the case        that the response received by the second receiving module 405 is        online response package;    -   a second determining module 407 configured to determine whether        transaction is approved according to the second transaction        result in the data package received by the first receiving        module 401; and    -   a displaying module 408 configured to display information of        failed transaction in the case that the determining result of        the first determining module 402 is no; display corresponding        error information in the case that the response received by the        second receiving module 405 is not online response package;        display information of successful transaction in the case that        the determining result of the second determining module 407 is        yes; display information of refusing transaction in the case        that the determining result of the second determining module 407        is “No”.

In Embodiment 3, the client 2 further comprises: a printing moduleconfigured to print transaction credit in the case that the determiningresult of the second determining module 407 is yes.

As shown in FIG. 9 , Embodiment 3 further provides a server 3, whichincludes:

-   -   a receiving module 501 configured to receive online message sent        by the client 2;    -   a determining module 502 configured to determine whether a type        of the online message received by the receiving module 501 is        correct;    -   an analyzing module 503 configured to analyze the online message        received by the receiving module 501 in the case that the        determining result of the determining module 502 is yes;    -   a checking and authenticating module 504 configured to check and        authenticate the online message received by the receiving module        501 in the case that analyzing of the analyzing module 503 is        successful, if the online message includes necessary data item        and authenticating of the necessary data item is successful,        checking and authenticating is successful; otherwise, checking        and authenticating is not successful;    -   a first organizing module 505 configured to organize the online        response package in the case that the checking and        authenticating of the checking and authenticating module 504 is        successful;    -   a second organizing module 506 configured to organize error        response package in the case that determining result of the        determining module 502 is no, the analyzing of the analyzing        module 503 is not successful or the checking and authenticating        of the checking and authenticating module 504 is not successful;        and

a sending module 507 configured to send an online response packageorganized by the first organizing module 505 and the error responsepackage organized by the second organizing module 506 to the client 2.

The described embodiments are only preferred embodiments of theapplication and the embodiments are not intended to limit theapplication. Any alteration or change easily obtained by those skilledin the art based on the application should fall in the scope ofprotection of the application.

The invention claimed is:
 1. A method of an online transaction using avisual financial chip card which can store information and displayinformation of a cardholder and a client which is an applicationinstalled in a terminal device of the cardholder without requiring atransaction terminal, so as to improve security and convenience of theonline transaction, wherein said method comprises the following stepsof: issuing the visual financial chip card to the cardholder; S1)receiving, by the visual financial chip card which displays informationwith an electronic paper, transaction transferring data sent from theclient, and obtaining transaction data from the transaction transferringdata; S2) receiving, by the visual financial chip card, an online PINentered by the cardholder with a key in the visual financial chip card,encrypting the online PIN to obtain online PIN ciphertext; S3)performing, by the visual financial chip card, behavior analyzinganalysis to obtain a card behavior analyzing result, setting a firsttransaction result data according to the card behavior analyzing result,organizing a message according to the first transaction result data, thecard behavior analyzing result, the transaction data and the online PINciphertext, and sending the message to the client; S4) receiving, by thevisual financial chip card, an online response package sent from theclient, executing a first operation according to the online responsepackage, so as to obtain a first operation result, setting a secondtransaction result data according to the first operation result, anddisplaying a prompting information according to the second transactionresult data; and S5) organizing, by the visual financial chip card, adata package according to the second transaction result data and thefirst operation result, and sending the data package to the client;wherein the card behavior result comprises application ciphertext;setting the first transaction result data according to the card behavioranalyzing result specifically comprises: checking, by the visualfinancial chip card, the application ciphertext in the card behavioranalyzing result, setting the first transaction result data as an onlinerequirement in the case that the application ciphertext is authorizationrequest ciphertext; and setting the first transaction result data asrefusing transaction in the case that the application ciphertext isapplication authentication ciphertext; wherein the first operationresult comprises application ciphertext; setting the second transactionresult data according to the first operation result specificallycomprises: checking, by the visual financial chip card, the applicationciphertext in the first operation result, setting the second transactionresult data as transaction approval in the case that the applicationciphertext is transaction certificate, while setting the secondtransaction result data as refusing transaction in the case that theapplication ciphertext is application authentication ciphertext; whereinafter Step S4, the method further comprises the following steps: 3-1)checking, by the visual financial chip card, whether card issuer scriptis included in the online response package, if yes, executing step 3-2;otherwise, executing Step S5; 3-2) executing, by the visual financialchip card, the card issuer script, if executing is successful, executingstep 3-3; while if executing is error, displaying error information andexecuting step 3-3; and 3-3) organizing, by the visual financial chipcard, the data package according to the second transaction result data,executing card issuer script result and the first operation result,sending the data package obtained by organizing to the client, thenending a process; and the method further comprises the following steps:T1) receiving, by the client, the message sent by the visual financialchip card, determining whether the first transaction result data in themessage is online request, if yes, executing Step T2, otherwise,displaying information of failed transaction, ending; T2) organizing, bythe client, online message according to the message and sending theonline message to a server, receiving a response returned by the server,if the response returned by the server is online response package,sending the online response package to the visual financial chip card,executing Step T3; otherwise, displaying an error information, thenending; and T3) receiving, by the client, the data package sent by thevisual financial chip card, determining whether transaction is approvedaccording to the second transaction result data in the data package, ifyes, displaying information of successful transaction; otherwise,displaying information of refusing transaction, then ending.
 2. Themethod of claim 1, wherein the transaction data comprises transactionamount; before receiving the online PIN entered by the cardholder, themethod further comprises: determining, by the visual financial chipcard, whether to require the cardholder to confirm the transactionamount, receiving the online PIN entered by the cardholder in the casethat the cardholder to confirm the transaction amount is not required;displaying the transaction amount and waiting for receiving transactionamount confirming information entered by the cardholder in the case thatthe cardholder to confirm the transaction amount is required; executingreceiving the online PIN in the case that the transaction amountconfirming information entered by the cardholder is received; whilereturning error information to the client and ending in the case thatthe transaction amount confirming information entered by the cardholderis not received.
 3. The method of claim 1, wherein the transaction datacomprises transaction amount; before receiving the online PIN entered bythe cardholder, the method further comprises the following steps: 1-1)determining, by the visual financial chip card, whether the transactionamount is more than a preset amount, if yes, executing receiving theonline PIN entered by the cardholder; otherwise, executing step 1-1; and1-2) determining, by the visual financial chip card, whether a cachedonline PIN exists, if yes, reading the cached online PIN, encrypting theonline PIN to obtain the online PIN ciphertext, executing step S3;otherwise, executing receiving the online PIN entered by the cardholder;after receiving the online PIN entered by the cardholder, the methodfurther comprises: caching the online PIN.
 4. The method of claim 1,wherein organizing the message according to the first transaction resultdata, the card behavior analyzing result, the transaction data and theonline PIN ciphertext specifically comprises following steps: 2-1)organizing, by the visual financial chip card, transaction messageaccording to the first transaction result data, the card behavioranalyzing result, and the transaction data, and sending the transactionmessage to the client; and 2-2) receiving, by the visual financial chipcard, an instruction request sent by the client, organizing a responsemessage according to the online PIN ciphertext, sending the responsemessage to the client.
 5. The method of claim 1, wherein after receivingthe online response package sent from the client, and before executingthe first operation so as to obtain the first operation result, themethod further comprises: checking, by the visual financial chip card,whether card issuer authorization data is included in the onlineresponse package, if yes, authenticating the card issuer authorizationdata and keeping on performing the first operation to obtain the firstoperation result, otherwise, keeping on performing the first operationto obtain the first operation result.
 6. The method of claim 1, whereinin Step T3, when the transaction is approved, the method furthercomprises: printing transaction credit.